来自AI助手的总结
Kubernetes中通过Secret加密存储并在Pod中引用账号密码
一、账号及密码base64加密
$ echo -n "aming"|base64
$ echo -n "linux123"|base64
二、定义YAML
$ vi mysecret.yaml
apiVersion: v1
kind: Secret
metadata:
name: mysecret
data:
user: YW1pbmc= ## echo -n "aming"|base64
passwd: bGludXgxMjM= ## echo -n "linux123"|base64
三、查看
$ k apply -f mysecret.yaml
$ k get secret
$ k describe secret mysecret
四、在其它pod里引用Secret
$ vi testpod2.yaml
apiVersion: v1
kind: Pod
metadata:
name: testpod2
spec:
containers:
- image: registry.cn-hangzhou.aliyuncs.com/abroad_images/busybox:latest
name: busy
imagePullPolicy: IfNotPresent
command: ["/bin/sleep", "300"]
env:
- name: USERNAME
valueFrom:
secretKeyRef:
name: mysecret
key: user
- name: PASSWORD
valueFrom:
secretKeyRef:
name: mysecret
key: passwd
应用YAML
$ k apply -f testpod2.yaml
五、验证
$ k exec -it testpod2 -- sh
/ # echo $PASSWORD
linux123
六、恢复
$ k delete -f testpod2.yaml
$ k delete -f mysecret.yaml
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
暂无评论内容